and Remote Access console and selecting the IKEv2 tab, as shown in Figure 8-6, displays controls that enable you to calibrate the persistence of the server’s IKEv2 connections and security associations.
Figure 8-6 The IKEv2 controls in an RRAS server’s Properties dialog box.
New Features in Network Policy Server NPS is the replacement for Microsoft Internet Authentication Service (IAS). First appearing in Windows Server 2008, NPS enables a Windows server to perform the following functions: n
Remote Authentication Dial-In User Service (RADIUS) server Provides authentication, authorization, and accounting services for network access devices such as remote access servers and wireless access points
n
RADIUS proxy Forwards RADIUS message traffic generated by network access devices to RADIUS servers on other networks
n
Network Access Protection (NAP) health policy server Enables administrators to create and enforce health policies that stipulate software, update and configuration requirements for IPsec, 802.1X, VPN, Dynamic Host Configuration Protocol (DHCP), and Remote Desktop Gateway clients. Clients not meeting the health policy requirements are denied access to the network resources.
In Windows Server 2008 R2, Microsoft has added a number of new administrative tools to NPS, as described in the following sections.
142
CHAPTER 8
DirectAccess and Network Policy Server